logout issue

I am working on online application where I have to implement the logout funtionality.
I have written code for logout, in which it removes the session availables.

Once I do logout I go the logout jsp which is fine. But, when I do browser back it shows me the previous screen which I am not
interested.Instead of that I should see again logout page. I have written some code to cache and refresh the page but it does not work.

The forward method of RequestDispatcher will forward the ServletRequest and ServletResponse that it is passed to the path that was specified in getRequestDispatcher(String path). The response will not be sent back to the client and so the client will not know about this change of resource on the server. This method is useful for communicating between server resources, (servlet to servlet). Because the request and response are forwarded to another resource all request parameters are maintained and available for use. Since the client does not know about this forward on the server, no history of it will be stored on the client, so using the back and forward buttons will not work.

Rahul Ba
Ranch Hand

Joined: Oct 01, 2008
Posts: 206

posted Jan 30, 2011 19:24:57

0

Yes, Naveen I did the same thing, but again the same thing. It did not work. It's like browser keeps the page in session and that is shown to us.
Please let me know your opinion.

Rahul

Naveen puttu
Ranch Hand

Joined: Sep 15, 2009
Posts: 88

posted Jan 30, 2011 20:49:40

0

Rahul Ba wrote: Yes, Naveen I did the same thing, but again the same thing. It did not work. It's like browser keeps the page in session and that is shown to us.
Please let me know your opinion.

Rahul

Can you post your code in here . And BTW you may want to invalidate the session . That Should help and add a check for invalidated session and see what you want to do about it (Just a work around if you approaching deadlines).

Invalidating the session is the best practice while logout and that is the way it should be.
The response header part mention previously should be actualy be done for all the JSPs since the the content sits in the browser cache.
Anyways its still an open issue, you can see all bank sites even to have "Please close the window" for security reasons.
for now, if the the page alone is your concern you can redirect the user to the same page.

I believe that all the above solutions put together, you should not be facing the problem you were facing earlier.
If you still have the same problem, then probably the only explanation is that you need to clear your browser's contents.
Try removing the cookies, offline content, etc. or maybe try using another browser.

P.S. Please use code tags to abide by these practices.
Thank you,
Ashutosh.